Patient Confidentiality




Abstract


Respect for patient privacy is a pillar of the doctor-patient relationship, and laws codify the duties of doctors to maintain confidentiality with regard to patient interactions. On the other hand, under special circumstances, doctors have both ethical and legal duties to disclose patient confidences (e.g., if third parties are under threat of serious potential harm). This chapter reviews both ethical and legal obligations of patient privacy and their limits.




Keywords

ethics, confidentiality, patient-doctor relationship

 




Case Synopsis


A physician’s husband has undergone partial nephrectomy at her hospital for a suspicious lesion in his left kidney. The surgery was complicated by fever and acute renal failure. While on call one evening, curious to see how her friend’s husband is doing, an anesthesiologist accesses the patient’s electronic medical record. In the course of reading about the patient’s progress, the anesthesiologist comes across a notation that the patient has tested positive for the human immunodeficiency virus (HIV) and has asked that his wife not be told because he is “not ready yet to disclose it to her.” The anesthesiologist wants to inform her friend of the husband’s positive HIV test.




Problem Analysis


Definition


Patient confidentiality is a cornerstone of medical professionalism. It is an ethical duty explicitly addressed by the various versions of the Hippocratic Oath, in which the duty to maintain confidentiality is not confined to mere health matters, but also encompasses “whatever, in the course of my practice I may see or hear (even when not invited), whatever I may happen to obtain knowledge of.” In other words, the physician’s duty to keep patient confidences includes anything the physician might learn in the course of patient care. Despite this foundational duty, however, physicians are often unaware of what constitutes a breach of confidentiality. In a study of over 500 Swiss physicians who were presented seven scenarios demonstrating “important” or “severe” breaches of patient confidentiality, many had difficulty recognizing instances in which such breaches occurred. Physicians were more likely to correctly identify such violations if they had been in practice longer than 20 years, had experienced some ethics education, and were of female gender. In another study, 71% of physicians felt they should disclose a patient’s positive HIV status to surgical colleagues, even if the patient had asked them not to.


Confidentiality is vital to the maintenance of trust in the physician-patient relationship. That relationship necessarily involves the disclosure of sensitive information that might, if publicly disclosed, harm the patient through stigmatization, loss of community and employment, harm to primary relationships, and loss of other societal benefits. The willingness of patients to seek medical help and to be forthright in disclosing social and other information vital to the diagnosis and treatment of disease relies on the patient’s trust that the physician will protect such disclosures completely. Three professions are often given common law protections with regard to confidentiality—attorneys, clergy, and physicians—due to special “social contracts” such professions hold and the critical nature of confidentiality in performing their duties.


The duty to keep secrets prohibits the physician from disclosing patient health care information to others without the patient’s authorization, and it also more broadly encompasses a general respect for patient privacy. Ethical principles and law both require health care providers to actively take precautions to protect unauthorized access to such information. A provider must not leave patient records lying around in public places, or leave electronic records open and available on a public computer, for example. Even though health care information is often freely shared among all of the members of the patient’s health care team, it is the duty of all team members to protect the information from others who do not have a legitimate reason for access. Furthermore, physicians do not have a right to access health information regarding persons with whom they do not have an established doctor-patient relationship except under very special circumstances.


In general, if the patient has not given explicit permission to disclose information, even to a spouse or other family member, the physician is not allowed to do so and it remains at the patient’s discretion to disclose. There are a few exceptions to this rule.


Duty to Warn


If a spouse, family member, or any other third party is at specific personal risk of significant harm directly related to the patient’s health information or to any information disclosed to the physician in the course of the patient-doctor relationship, the physician’s duty of confidentiality may be waived. In some cases the law may even require the physician to violate confidentiality.


The classic case is that of Tarasoff v. Regents of the University of California. In 1969 a graduate student at Berkeley University, Prosinjit Podder, became obsessed with Ms. Tarasoff after they went on a couple of dates. When she rebuffed further contact with him, he became depressed and in the course of therapy confessed to his psychologist, Dr. Moore, that he intended to kill Ms. Tarasoff. Moore found these threats credible and alerted campus police, violating his patient’s confidence in the process. Campus police believed that Podder was not an actual threat to Tarasoff and elected not to detain him. Neither Podder’s doctor nor the police informed Tarasoff or her parents of Podder’s threats, and Podder subsequently murdered her. Podder was convicted and eventually deported to India, his country of origin. The courts found in a later lawsuit brought by Tatiana’s parents against the university that a duty to warn and/or protect existed and superseded the patient’s (Podder’s) right to confidentiality. In this case the court found that Moore’s violation of patient confidentiality did not go far enough. Merely reporting and/or investigating the threat was insufficient; the jury found that the specific threat should have been relayed to the (then) potential victim and her family so that she could take measures to protect herself.


As a result of the Tarasoff case, many states enacted legislation outlining a “duty to warn.” As of 2014, 23 states had adopted mandatory “duty to warn” legislation concerning health care workers, 10 states had such duties present in common law and supported by precedent, and 11 states had a permissive duty (meaning there is no codification of a duty to warn, but legislation “permits” health care professionals to breach confidentiality in such cases). Only 6 states had no statutes regarding such a duty ( Table 15.1 ).



TABLE 15.1

Laws Pertaining to Duty to Warn by State/District (2014)















Duty to warn/protect codified in state statute AZ, CA, CO, ID, IN, KY, LA, MD, MA, MI, MN, MS, MO, MT, NE, NH, NJ, OH, OK, TN, UT, VA, WA
Duty to warn/protect supported by common law and legal precedent AL, DE, GA, HI, IA, NC, PA, SC, SD, VT, WI
Legal “permission” for health care workers to breach confidentiality in the case of credible threat AK; CT; Washington, DC; FL; IL; NY; OR; RI; TX; WV; WY
No legal guidance regarding to duty to warn/protect AR, KS, ME, NV, NM, ND

Only gold members can continue reading. Log In or Register to continue

Feb 18, 2019 | Posted by in ANESTHESIA | Comments Off on Patient Confidentiality

Full access? Get Clinical Tree

Get Clinical Tree app for offline access